For 2019’s National Cybersecurity Awareness Month (NCSAM), the National Cyber Security Alliance (NCSA) has named the security awareness and training vendor Habitu8 its official partner.
Habitu8 offers high-quality animated and live-action videos that deliver information on areas of cybersecurity. The motivation behind creating these videos, according to the two cofounders of the organization, was to make security awareness and training a fun and enjoyable experience. The intent of the partnership between NCSA and Habitu8 is to spread the best practices captured in these training videos to the consumers’ families, friends, and colleague networks.
This partnership with the NCSA highlights one of the vendors in the security awareness and training space that is doing a good job of creating content easily consumed by the average end user. These recommendations are important for two reasons:
If you have been looking for a security awareness and training vendor, you have undoubtedly noticed that most vendors offer the same type of content supported by varying philosophies. Some feel training should be serious and impactful, while others think training is best received when it is funny and light.
The Info-Tech recommendation for wading through these vendors and selecting one is to start by taking a step back and looking inward at your organization’s existing training culture. Talk to HR – find out what training efforts in the past have been the most effective.
Once you have a better feel for the culture and the type of training that will align well with your end users, begin to investigate what vendors offer. You may find that some of the bigger vendors simply do not provide the continuity in training you were looking for or to the technical depth your end users desire.
Habitu8 has been named an official partner of NCSA because it offers a product that the NCSA feels will be consumed by the end users that watch the training content. The market is moving away from “compliance-driven training” (longer training that includes enough information to check all the boxes) and more towards “consumable training” (shorter training with information presented in such a way that end users consume and remember the content). Habitu8 demonstrates this latter approach by offering short, funny animated and live-action videos for security awareness and training.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.
Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.
The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.